Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
File: 16e3842c-0679-4aa3-bd71-e66ff760467d.roa (raw, json)
Hash identifier: 2BGu25ix5dc0JsU+eM/QaJX+t/jC9EFHg9MxoT3kLD4=
Subject key identifier: B0:53:C0:24:AB:33:7E:8F:81:70:83:FD:22:90:1A:87:8E:E5:BD:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75825B5149710E4FF20294B50EC1DDA2B9E10DC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:82:5b:51:49:71:0e:4f:f2:02:94:b5:0e:c1:dd:a2:b9:e1:0d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=6cd85366b33faa7e5973edda9fd95317c3ef117a92e2922051b82b895138bd18, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ee:f9:ba:e3:bf:e2:40:78:18:1d:c4:ac:51:
b7:04:08:85:28:38:a0:bc:f9:b8:88:1b:66:83:ca:
07:9a:cc:b1:72:52:0d:95:e7:9b:ad:d9:5a:86:52:
1d:a6:ec:ed:00:fb:63:95:d6:32:0f:00:d8:97:39:
11:61:e0:63:89:a7:0c:a6:62:b7:15:57:e2:3e:0c:
ca:dc:e2:cd:eb:a4:b9:27:36:9a:84:dc:b4:53:ad:
90:b5:d4:fd:92:5e:52:78:f9:cc:fe:7f:44:2e:74:
cb:22:46:b2:80:ce:5c:c1:ec:cb:69:54:f3:35:7a:
e5:64:d3:c4:9c:f2:a1:df:af:7a:22:55:14:ef:b0:
ae:0b:89:2a:23:e7:07:d5:f1:97:c9:b0:79:fb:9e:
08:bc:4b:44:5b:d5:11:1d:cd:b5:f8:c9:7b:63:a9:
1a:08:45:0c:98:90:9b:49:8e:74:5f:0e:c1:2b:b9:
e3:47:79:e5:6a:d8:87:76:a9:a6:49:a2:9c:1c:4a:
2a:da:3b:c8:cc:98:94:70:ba:2e:1c:f1:85:a4:22:
a5:05:dd:13:c2:93:49:90:a5:5d:9b:a3:e4:51:06:
0c:4e:df:d1:e5:12:aa:b4:84:3f:f1:96:f3:09:ee:
0b:4c:4f:ad:a4:df:ac:68:4b:71:bd:ff:8e:2f:54:
ee:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:53:C0:24:AB:33:7E:8F:81:70:83:FD:22:90:1A:87:8E:E5:BD:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:62:49:6a:d6:e5:9e:14:92:19:1d:2b:d8:41:1c:f0:77:5a:
4d:75:d5:cf:12:7a:75:74:a0:ef:56:e8:c8:ca:2c:a4:0b:db:
c8:b8:c5:00:cd:7f:37:12:ec:89:3b:e7:db:a6:c4:c9:06:00:
f5:fb:7f:cd:41:49:e5:18:a8:66:8e:35:f6:cc:a7:c1:c2:8d:
e1:d0:6c:22:47:5e:16:1f:cc:ef:d4:70:f5:c9:78:84:d5:15:
ec:c9:5e:1a:1e:e6:e4:f0:b0:55:7c:03:cb:ca:a2:1b:26:81:
64:c0:40:f0:c8:89:f6:59:1c:0d:6a:d2:1b:99:9d:44:19:b9:
39:2a:33:fd:19:66:90:78:a0:ed:71:75:5e:17:b7:b8:d7:7d:
b7:6d:bb:93:00:8f:64:88:ca:22:3d:32:64:28:94:d4:8c:29:
b4:3f:29:b0:8d:01:3c:c9:51:71:da:aa:0a:f6:1d:39:73:d1:
68:9d:e7:4c:4b:39:3b:95:a1:5c:f7:82:c2:25:e1:a6:bf:e2:
10:67:7b:5a:4c:c5:87:15:be:7a:f5:2b:5c:5f:d1:0a:ea:0b:
b2:1b:60:e2:7c:96:37:c6:a7:fc:2c:15:fd:37:e9:f1:e4:90:
0a:2f:cb:c7:e4:5f:67:a4:cb:a2:6c:19:b9:0c:7d:78:d2:0b:
8d:5f:c2:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdYJbUUlxDk/yApS1DsHdornhDcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZDg1MzY2YjMzZmFhN2U1OTczZWRkYTlmZDk1MzE3YzNlZjExN2E5MmUy
OTIyMDUxYjgyYjg5NTEzOGJkMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvu+brjv+JAeBgdxKxRtwQIhSg4oLz5uIgbZoPKB5rMsXJSDZXnm63ZWoZS
Habs7QD7Y5XWMg8A2Jc5EWHgY4mnDKZitxVX4j4MytzizeukuSc2moTctFOtkLXU
/ZJeUnj5zP5/RC50yyJGsoDOXMHsy2lU8zV65WTTxJzyod+veiJVFO+wrguJKiPn
B9Xxl8mwefueCLxLRFvVER3NtfjJe2OpGghFDJiQm0mOdF8OwSu540d55WrYh3ap
pkminBxKKto7yMyYlHC6LhzxhaQipQXdE8KTSZClXZuj5FEGDE7f0eUSqrSEP/GW
8wnuC0xPraTfrGhLcb3/ji9U7sECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwU8Ak
qzN+j4Fwg/0ikBqHjuW9hjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTZlMzg0MmMtMDY3OS00YWEzLWJkNzEtZTY2ZmY3NjA0NjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQAjYklq1uWeFJIZHSvYQRzwd1pNddXPEnp1dKDvVujI
yiykC9vIuMUAzX83EuyJO+fbpsTJBgD1+3/NQUnlGKhmjjX2zKfBwo3h0GwiR14W
H8zv1HD1yXiE1RXsyV4aHubk8LBVfAPLyqIbJoFkwEDwyIn2WRwNatIbmZ1EGbk5
KjP9GWaQeKDtcXVeF7e41323bbuTAI9kiMoiPTJkKJTUjCm0PymwjQE8yVFx2qoK
9h05c9FonedMSzk7laFc94LCJeGmv+IQZ3taTMWHFb569StcX9EK6guyG2DifJY3
xqf8LBX9N+nx5JAKL8vH5F9npMuibBm5DH140guNX8J4
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org